CVE-2022-48748

2024-06-2012:15:13

CWE-400

Linux

web.nvd.nist.gov

linux kernel

net bridge

vlan

memory leak

fix

vulnerability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6.6

Confidence

Low

EPSS

Percentile

15.6%

JSON

In the Linux kernel, the following vulnerability has been resolved:

net: bridge: vlan: fix memory leak in __allowed_ingress

When using per-vlan state, if vlan snooping and stats are disabled,
untagged or priority-tagged ingress frame will go to check pvid state.
If the port state is forwarding and the pvid state is not
learning/forwarding, untagged or priority-tagged frame will be dropped
but skb memory is not freed.
Should free skb when __allowed_ingress returns false.

Affected configurations

Vulners

Node

linuxlinux_kernelRange5.6–5.10.96

linuxlinux_kernelRange5.11.0–5.15.19

linuxlinux_kernelRange5.16.0–5.16.5

linuxlinux_kernelRange5.17.0≥

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/bridge/br_vlan.c"
    ],
    "versions": [
      {
        "version": "a580c76d534c",
        "lessThan": "446ff1fc37c7",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "a580c76d534c",
        "lessThan": "c5e216e880fa",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "a580c76d534c",
        "lessThan": "14be8d448fca",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "a580c76d534c",
        "lessThan": "fd20d9738395",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/bridge/br_vlan.c"
    ],
    "versions": [
      {
        "version": "5.6",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.6",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.96",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.19",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.16.5",
        "lessThanOrEqual": "5.16.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.17",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]